The Cisco team has published a report according to which hundreds of thousands of devices on the Web are vulnerable due to Smart Install technology. IT giant warned critical infrastructure sites about the risks of using vulnerable devices. Smart Install is a technology that allows you to automate the process of initial configuration configuration and loading the current operating system image for a new network switch.
The researchers also reported that the attackers used an open source tool to scan for vulnerable systems. This tool is called the Smart Install Exploitation Tool (SIET).
Among the vulnerable devices are the following:
Catalyst 4500 Supervisor Engines Catalyst
3850 Series Catalyst
3750 Series Catalyst
3650 Series Catalyst
3560 Series Catalyst
2960 Series Catalyst
It is noteworthy that the company released patches for the breach in March, but not all installed them.
To protect against these attacks, the most obvious is to disable Smart Install, the corresponding instruction was published by the Cisco team. Even more obvious is to install all the necessary updates.